Fortigate Newbie
ORIGINAL: ede_pfau
You are right with your assumption that encapsulated internal addresses don't matter. I suspect the .1.x subnet is used elsewhere on the FGT. You can check this:
1. look at the Routing Monitor (that is the live table of active routes). When the tunnel is down, there should not be any route to .1.x. If the tunnel is up, the FGT will insert a matching route with gateway 'your_tunnel' (whatever you named phase1)
2. 'diag debug flow' will show you where the traffic is going. You will find numerous examples on how to set this command up on the forums (emnoc loves this :)
3. of course, you could get both configs from the working and the current FGT and compare them with a tool to find the difference(s).

That's only correct if the DSL modem is in bridge mode, and not doing any routing itself. Checking the WAN1 port of the FGT for its IP address should clear things up quickly enough. If both WAN1 and Internal share the 192.168.1.x address space, you have started working towards your solution.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
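The overlap check discussed in the posts above can be scripted against a saved configuration. This is an added example, not part of either post: the sample config, the interface addresses and the `vpn-remote` label are constructed, and it assumes static addresses written as `set ip <address> <netmask>` under `config system interface`.

```python
import ipaddress
import re
from itertools import combinations

# Constructed sample in FortiOS "config system interface" syntax (not from the thread).
SAMPLE_CONFIG = '''
config system interface
    edit "wan1"
        set ip 192.168.1.2 255.255.255.0
    next
    edit "internal"
        set ip 192.168.1.99 255.255.255.0
    next
    edit "dmz"
        set ip 10.10.10.1 255.255.255.0
    next
end
'''

def interface_networks(config_text):
    """Return {interface name: IPv4Network} for interfaces with a static 'set ip'."""
    nets, name = {}, None
    for line in config_text.splitlines():
        line = line.strip()
        m = re.match(r'edit "?([^"]+)"?$', line)
        if m:
            name = m.group(1)
            continue
        m = re.match(r'set ip (\S+) (\S+)$', line)
        if m and name:
            iface = ipaddress.ip_interface(f"{m.group(1)}/{m.group(2)}")
            # 0.0.0.0 means no static address (e.g. DHCP or unset); skip it.
            if iface.ip != ipaddress.ip_address("0.0.0.0"):
                nets[name] = iface.network
        elif line == "next":
            name = None
    return nets

def find_overlaps(nets, remote_subnet=None):
    """List (a, b) pairs whose subnets overlap; the VPN remote subnet is checked too."""
    items = dict(nets)
    if remote_subnet:
        items["vpn-remote"] = ipaddress.ip_network(remote_subnet)
    return sorted((a, b) for (a, na), (b, nb) in combinations(items.items(), 2)
                  if na.overlaps(nb))

if __name__ == "__main__":
    print(find_overlaps(interface_networks(SAMPLE_CONFIG), "192.168.1.0/24"))
```

A WAN port that gets its address by DHCP from a routing modem will not have it in the saved config, so add that network to the dictionary by hand after reading it from the unit.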